package com.jxc.admin.config;

import com.jxc.admin.bean.User;
import com.jxc.admin.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringBootConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;

/**
 * @Date: 2021/04/24/10:48
 * Security 针对登陆进行的处理
 */

//配置类
@SpringBootConfiguration
//校验环境
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private JxcAuthenticationSuccessHandler jxcAuthenticationSuccessHandler;

    @Autowired
    private JxcAuthenticationFailedHandler jxcAuthenticationFailedHandler;

    @Resource
    private IUserService userService;
    /*放行静态资源*/
    //重写里面的configure
    @Override
    public void configure(WebSecurity web) throws Exception {

        web.ignoring().antMatchers(
                "/css/**",
                "/error/**",
                "/images/**",
                "/js/**",
                "/lib/**");

    }

   //处理登陆时的配置
    @Override
    protected void configure(HttpSecurity http) throws Exception {
     //禁用csrf
     http.csrf().disable()
     //允许iframe 页面嵌套
     .headers().frameOptions().disable()
       .and()
         .formLogin()
             .usernameParameter("userName")
             .passwordParameter("password")
             // 设置自定义表单登录页面
             .loginPage("/index")
             // 设置登录验证请求地址为自定义登录页配置  框架提供的login
             .loginProcessingUrl("/login")
             .successHandler(jxcAuthenticationSuccessHandler)
             .failureHandler(jxcAuthenticationFailedHandler)
             //放行的地址
       .and()
             // 设置不需要授权的请求
           .authorizeRequests().antMatchers("/index","/login").permitAll()
             // 其它任何请求都需要验证权限
           .anyRequest().authenticated();
    }


    //Security的登陆逻辑的实现
    @Bean
    public UserDetailsService userDetailsService(){
        return new UserDetailsService() {
            @Override
            public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
                User userDetails = userService.findUserByUserName(username);
                return userDetails;
            }
        };
    }

    //对密码进行加密的实现方法
    @Bean
    public  PasswordEncoder encoder(){
         return new BCryptPasswordEncoder();
    }


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService()).passwordEncoder(encoder());
    }
}
